SALES, RENTALS & LAYAWAYS

PROTECTING EVERYTHING THAT HAS EVER BEEN OF VALUE TO YOU

Open 24/7/365

We Have A Life-Time Warranty /
Guarantee On All Products. (Includes Parts And Labor)

Researchers Warn 3 Apps Have Been Stealing Crypto Undetected For A Year

Three crypto based apps have concealed a nasty surprise for those that have downloaded them. Researchers Warn 3 Apps Have Been Stealing Crypto Undetected For A Year

Cyber security researchers have discovered a year-long malware operation that has targeted cryptocurrency users with the creation of a number of fake apps.

Security firm Intezer Labs warned that ever increasing crypto prices have created heightened activity among hackers and malicious actors seeking financial gains. The malware has been disseminated over the past year, but was only discovered in December 2020.

The new remote access trojan (RAT), dubbed ElectroRAT, has been used to empty the cryptocurrency wallets of thousands of Windows, macOS, and Linux users, the report added.

Three cryptocurrency-related apps deployed in the attack — Jamm, eTrade/Kintum, and DaoPoker — were all hosted on their own websites. The first two are bogus crypto trading apps while the third is gambling based.

The ElectroRAT malware hidden inside these apps is extremely intrusive according to the researchers;

“It has various capabilities such as keylogging, taking screenshots, uploading files from disk, downloading files, and executing commands on the victim’s console.”

After being launched on a victim’s computer, the apps show a foreground user interface designed to divert attention from the malicious background processes. The apps were promoted using social media platforms Twitter and Telegram in addition to cryptocurrency based forums such as Bitcointalk.

Intezer Labs estimated that the campaign has already infected “thousands of victims” who have had their crypto wallets emptied. It added that there was evidence that some victims who were compromised by the apps were using popular crypto wallets such as MetaMask.

The malware has been written in a multi-platform programming language called Golang which makes it harder to detect. The security firm stated that it was uncommon to see a RAT designed to steal personal information from cryptocurrency users that was written from scratch, adding;

“It is even rarer to see such a wide-ranging and targeted campaign that includes various components such as fake apps and websites, and marketing/promotional efforts via relevant forums and social media.”

There have been a number of cases in 2020 where fake versions of legitimate apps and browser extensions such as MetaMask or Ledger have made their way onto victims computers. This may be related to Ledger’s massive data breach in mid-December.

In September 2020, Coinbase users were among the victims of new Android-based malware disseminated through Google Play Store.

Updated: 9-17-2021

Crypto Holders Sue Apple Over ‘Fake’ Wallet App Scam

The lawsuit alleges that a fake wallet app was used to cheat customers out of more than $5 million in crypto holdings.

Apple is being sued yet again for damages resulting from an allegedly fake scam app available in its App Store, this time involving cryptocurrency.

In a class-action complaint filed on Thursday, the named plaintiff – Maryland resident Hadona Diep, described as a “full-time cyber-security IT professional” – accused Apple of knowingly “authorizing a malicious application” in its App Store that caused Diep to lose 474 XRP tokens, worth about $507 at the time of publication.

According to the complaint, the fraudulent app, a spoof of the legitimate Toast Wallet called Toast Plus, was used to steal Diep’s seed phrase and all of the tokens in the fake wallet. The complaint alleges that “hundreds or thousands” of users were victims of the Toast Plus scam app and that over $5 million in cryptocurrency was stolen.

The class-action lawsuit against Apple is the latest in a series of suits targeting Apple’s $64 billion App Store. Apple has defended its “walled-garden” approach by saying that it keeps users safe by preventing scams and viruses from being unknowingly downloaded – something that has been called into question by Diep’s lawsuit and others, including the developer of the FlickType app.

Critics of the App Store have also accused it of being an unfair monopoly, the debate at the center of the Apple vs. Epic Games lawsuit. Diep’s lawsuit also calls out Apple’s “near-monopolistic application market,” claiming that Apple must “take reasonable precautions to ensure that the goods it provides are reasonably safe and secure.”

Apple did not respond to CoinDesk’s request for comment on the lawsuit.

Scam Apps Are Rampant

Scam apps have long been a problem on both the Apple App Store and the Google Play Store. Apple has been criticized for unknowingly promoting fake apps, and according to a report from the Washington Post, around 2% of the App Store’s top-grossing apps are scams.

Apple has seemingly struggled to keep the quickly proliferating scam apps out of its App Store, causing damage to both businesses and consumers.

Julie Conroy, head of risk insights and advisory at research and advisory firm Aite-Novarica Group, told CoinDesk that the battle against fake apps is nothing new.

“Attackers have been using very sophisticated tactics for years to dupe unwitting consumers into downloading fake apps from the app stores in order to deploy malware and compromise credentials,” Conroy wrote in an email to CoinDesk.

“While the app stores do have review processes in place to try to detect these, fraudsters have developed some ingenious ways to avoid detection,” Conroy added.

Conroy also wrote that consumer education has been a key component of the defensive strategy taken by financial institutions to protect consumers, but that can be challenging to deploy and measure because consumers are inundated with messages from various sources about cybersecurity.

Researchers Warn 3 Apps,Researchers Warn 3 Apps,Researchers Warn 3 Apps,Researchers Warn 3 Apps,Researchers Warn 3 Apps,

 

Related Articles:

The Pandemic Turbocharged Online Privacy Concerns

US Treasury Breached By Foreign-Backed Hackers

FireEye Hack Portends A Scary Era Of Cyber-Insecurity

How FinCEN Became A Honeypot For Sensitive Personal Data

Apple And Google To Stop X-Mode From Collecting Location Data From Users’ Phones

Surge In Physical Threats During Pandemic Complicates Employee Security Efforts

Imagine A Nutrition Label—for Cybersecurity

Cybercriminals Attack GoDaddy-based Cryptocurrency Platforms

Biden Team Lacks Full U.S. Cybersecurity Support In Transition Fracas

Nasdaq To Buy Anti-Financial Crime Firm Verafin For $2.75 Billion

Mysterious Software Bugs Were Used To Hack iPhones and Android Phones and No One Will Talk About It

Dark Web Hackers Say They Hold Keys To 10,000 Robinhood Accounts #GotBitcoin

Hackers Steal $2.3 Million From Trump Wisconsin Campaign Account

Crypto Scammers Deface Trump Campaign Website One Week From Elections

Telecoms Protocol From 1975 Exploited To Target 20 Crypto Executives

With Traders Far From Offices, Banks Bring Surveillance To Homes

Financial Systems Set Up To Monitor Unemployment Insurance Fraud Are Being Overloaded (#GotBlockchain?)

A Millionaire Hacker’s Lessons For Corporate America

Container Shipping Line CMA CGM Says Data Possibly Stolen In Cyberattack

Major Hospital System Hit With Cyberattack, Potentially Largest In U.S. History

Hacker Releases Information On Las Vegas-Area Students After Officials Don’t Pay Ransom

Russian Troll Farms Posing As African-American Support For Donald Trump

US Moves To Seize Cryptocurrency Accounts Linked To North Korean Heists

These Illicit SIM Cards Are Making Hacks Like Twitter’s Easier

Uber Exec Allegedly Concealed 2016 Hack With $100K BTC ‘Bug Bounty’ Pay-Off

Senate Panel’s Russia Probe Found Counterintelligence Risks In Trump’s 2016 Campaign

Bockchain Based Surveillance Camera Technology Detects Crime In Real-Time

Trump Bans TicToc For Violating Your Privacy Rights While Giving US-Based Firm Go Ahead (#GotBitcoin?)

Facebook Offers Money To Reel In TikTok Creators

How A Facebook Employee Helped Trump Win—But Switched Sides For 2020

Facebook Rebuffs Barr, Moves Ahead on Messaging Encryption

Facebook Ad Rates Fall As Coronavirus Undermines Ad Spending

Facebook Labels Trump Posts On Grounds That He’s Inciting Violence

Crypto Prediction Markets Face Competition From Facebook ‘Forecasts’ (#GotBitcoin?)

Coronavirus Is The Pin That Burst Facebook And Google Online Ads Business Bubble

OpenLibra Plans To Launch Permissionless Fork Of Facebook’s Stablecoin (#GotBitcoin?)

Facebook Warns Investors That Libra Stablecoin May Never Launch (#GotBitcoin?)

FTC Approves Roughly $5 Billion Facebook Settlement (#GotBitcoin?)

How Facebook Coin’s Big Corporate Backers Will Profit From Crypto

Facebook’s Libra Is Bad For African Americans (#GotBitcoin?)

A Monumental Fight Over Facebook’s Cryptocurrency Is Coming (#GotBitcoin?)

Alert! 540 Million Facebook Users’ Data Exposed On Amazon Servers (#GotBitcoin?)

Facebook Bug Potentially Exposed Unshared Photos of Up 6.8 Million Users (#GotBitcoin?)

Facebook Says Millions of Users’ Passwords Were Improperly Stored in Internal Systems (#GotBitcoin?)

Advertisers Allege Facebook Failed to Disclose Key Metric Error For More Than A Year (#GotBitcoin?)

Ad Agency CEO Calls On Marketers To Take Collective Stand Against Facebook (#GotBitcoin?)

Thieves Can Now Nab Your Data In A Few Minutes For A Few Bucks (#GotBitcoin?)

New Crypto Mining Malware Beapy Uses Leaked NSA Hacking Tools: Symantec Research (#GotBitcoin?)

Equifax, FICO Team Up To Sell Your Financial Data To Banks (#GotBitcoin?)

Cyber-Security Alert!: FEMA Leaked Data Of 2.3 Million Disaster Survivors (#GotBitcoin?)

DMV Hacked! Your Personal Records Are Now Being Transmitted To Croatia (#GotBitcoin?)

Lithuanian Man Pleads Guilty In $100 Million Fraud Against Google, Facebook (#GotBitcoin?)

Hack Alert! Buca Di Beppo, Owned By Earl Enterprises Suffers Data Breach Of 2M Cards (#GotBitcoin?)

SEC Hack Proves Bitcoin Has Better Data Security (#GotBitcoin?)

Maxine Waters (D., Calif.) Rises As Banking Industry’s Overseer (#GotBitcoin?)

FICO Plans Big Shift In Credit-Score Calculations, Potentially Boosting Millions of Borrowers (#GotBitcoin?)

Our Facebook Page

Your Questions And Comments Are Greatly Appreciated.

Monty H. & Carolyn A.

Go back

Leave a Reply